I’m not going to go into a long-winded definition of hacking. We all know what it is and have all experienced malware in some form or to some degree with our computing experiences.

Cutting to the chase then, below are eight clear signs that your system is compromised, followed by a free online tool that tells you immediately if your email has been compromised.

No. 1: Fake antivirus messages

Fake antivirus warning messages are among the surest signs that your system has been compromised. (By the time you see this warning, the damage has been done. Clicking No or Cancel will do nothing to stop the virus. The malicious software has already corrupted your PC – often through the Java Runtime Environment or an Adobe product,)

What to do: As soon as you notice the fake antivirus warning message, power down your computer. Boot up the computer system in Safe Mode, No Networking, and try to uninstall the newly installed malware (oftentimes it can be uninstalled like a regular program). Either way, follow up by trying to restore your system to a state previous to the exploitation. If successful, test the computer in regular mode and make sure that the fake antivirus warnings are gone. Then follow up with a complete antivirus scan. Oftentimes, the scanner will find other malware remnants left behind.

No. 2: Unwanted browser toolbars

This is probably the second most common sign of system corruption: Your browser has multiple new toolbars.

What to do: Most browsers allow you to review installed and active toolbars. Remove any you didn’t absolutely want to install. When in doubt, remove it. If the bogus toolbar isn’t listed there or you can’t easily remove it, see if your browser has an option to reset the browser back to its default settings. If this doesn’t work, follow the instructions listed above for fake antivirus messages.

No. 3: Redirected Internet searches

You can often spot this type of malware by typing a few related, very common words (for example, “puppy” or “goldfish”) into Internet search engines and checking to see whether the same websites appear in the results — almost always with no actual relevance to your terms.

What to do: Follow the same instructions as above. Usually removing the bogus toolbars and programs is enough to get rid of malicious redirection.

No. 4: Frequent random popups

This popular sign that you’ve been hacked is also one of the more annoying ones. When you’re getting random browser pop-ups from websites that don’t normally generate them, your system has been compromised. Even legitimate websites, can bypass your browser’s anti-pop-up mechanisms.

What to do: Once again, typically, random pop-ups are generated by one of the three previous malicious mechanisms noted above. You’ll need to get rid of bogus toolbars and other programs if you even hope to get rid of the pop-ups.

No. 5: Your contacts receive fake emails from your email account

This is the one scenario where you might be OK. It’s fairly common for our email contacts to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it.

These days it’s more common for malicious emails to be sent to some of your contacts, but not everyone in your email address book. If it’s just a few contacts and not everyone in your email list, then more than likely your computer hasn’t been compromised (at least with an email address-hunting malware program). These days malware programs and hackers often pull email addresses and contact lists from social media sites, but doing so means obtaining a very incomplete list of your contacts’ email addresses. Although not always the case, the bogus emails they send to your contacts often don’t have your email address as the sender. It may have your name, but not your correct email address. If this is the case, then usually your computer is safe.

What to do: If one or more contacts reports receiving bogus emails claiming to be from you, do your due diligence and run a complete antivirus scan on your computer, followed by looking for unwanted installed programs and toolbars. Often it’s nothing to worry about, but a check-up can’t hurt.

No. 6: Unexpected software installs

Unwanted and unexpected software installs are a big sign that your computer system has likely been hacked.

In the early days of malware, most programs were computer viruses, which work by modifying other legitimate programs. They did this to better hide themselves. For whatever reason, most malware programs these days are Trojans and worms, and they typically install themselves like legitimate programs. This may be because their creators are trying to walk a very thin line when the courts catch up to them. They can attempt to say something like, “But we are a legitimate software company.” Oftentimes the unwanted software is legally installed by other programs, so read your license agreements. Frequently, I’ll read license agreements that plainly state that they will be installing one or more other programs. Sometimes you can opt out of these other installed programs; other times you can’t.

What to do: There are many free programs that show you all your installed programs and let you selectively disable them. One favorite is Autoruns. It doesn’t show you every program installed but will tell you the ones that automatically start themselves when your PC is restarted. Most malware programs can be found here. The hard part is determining what is and what isn’t legitimate. When in doubt, disable the unrecognized program, reboot the PC, and re-enable the program only if some needed functionality is no longer working.

No. 7: Your mouse moves between programs and makes correct selections

If your mouse pointer moves itself while making selections that work, you’ve definitely been hacked. Mouse pointers often move randomly, usually due to hardware problems. But if the movements involve making the correct choices to run particular programs, malicious humans are somewhere involved.

Not as common as some of the other attacks, many hackers will break into a computer, wait for it to be idle for a long time (like after midnight), then try to steal your money. Hackers will break into bank accounts and transfer money, trade your stocks, and do all sorts of rogue actions, all designed to lighten your cash load.

What to do: If your computer “comes alive” one night, take a minute before turning it off to determine what the intruders are interested in. Don’t let them rob you, but it will be useful to see what things they are looking at and trying to compromise. If you have a cellphone handy, take a few pictures to document their tasks. When it makes sense, power off the computer. Unhook it from the network (or disable the wireless router) and call in the professionals. This is the one time that you’re going to need expert help.

Using another known good computer, immediately change all your other logon names and passwords. Check your bank account transaction histories, stock accounts, and so on. Consider paying for a credit-monitoring service. If you’ve been a victim of this attack, you have to take it seriously. Complete restore of the computer is the only option you should choose for recovery. But if you’ve lost any money, make sure to let the forensics team make a copy first. If you’ve suffered a loss, call law enforcement and file a case. You’ll need this information to best recover your real money losses, if any.

This is a huge sign of malicious compromise. If you notice that your antimalware software is disabled and you didn’t do it, you’re probably exploited — especially if you try to start Task Manager or Registry Editor and they won’t start, start and disappear, or start in a reduced state. This is very common for malware to do.

What to do: You should really perform a complete restore because there is no telling what has happened. But if you want to try something less drastic first, research the many methods on how to restore the lost functionality (any Internet search engine will return lots of results), then restart your computer in Safe Mode and start the hard work. I say “hard work” because usually it isn’t easy or quick.

HAS YOUR EMAIL BEEN HACKED?

A major concern we all have is whether our email accounts have been hacked/owned and that we might experience data leaks if that is the case. I use this one very reliable digital tool to test for any emails breaches:

Who. What.

For the trial law and legal community from a private investigator's perspective.
The Beacon Bulletin is the weekly newsletter authored and published by our parent company, Beacon Network Investigations, LLC (BNI).
We're a private investigation company. We DON'T dispense legal advice, respond to anonymous queries or black hat your enemies for you. (Internally, however, points are alloted to our favorite subtly phrased compliments.)
We DO hope to inform. That's our business.